2 matches found
ManageEngine Multiple Products Multiple SQL Injections (CVE-2014-7868)
An SQL injection vulnerability exists in ManageEngine OpManager, Social IT Plus and IT360. The vulnerability is due to insufficient input validation of the OPMBVNAME parameter when processing requests using the APMBVHandler servlet. A remote attacker can exploit this vulnerability to inject and...
Sql injection
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the 1 OPMBVNAME parameter in a Delete operation to the APMBVHandler servlet ...